def test_api___simple_search_ok__no_search_string(self) -> None: dbsession = get_tm_session(self.session_factory, transaction.manager) admin = dbsession.query(User).filter(User.email == "*****@*****.**").one() uapi = UserApi(current_user=admin, session=dbsession, config=self.app_config) gapi = GroupApi(current_user=admin, session=dbsession, config=self.app_config) groups = [gapi.get_one_with_name("trusted-users")] user = uapi.create_user( "*****@*****.**", password="******", do_save=True, do_notify=False, groups=groups, ) workspace_api = WorkspaceApi( current_user=admin, session=dbsession, config=self.app_config, show_deleted=True ) workspace = workspace_api.create_workspace("test", save_now=True) rapi = RoleApi(current_user=admin, session=dbsession, config=self.app_config) rapi.create_one(user, workspace, UserRoleInWorkspace.WORKSPACE_MANAGER, False) api = ContentApi(session=dbsession, current_user=user, config=self.app_config) api.create( content_type_slug="html-document", workspace=workspace, label="test", do_save=True ) transaction.commit() self.testapp.authorization = ("Basic", ("*****@*****.**", "*****@*****.**")) res = self.testapp.get("/api/v2/search/content".format(), status=200) search_result = res.json_body assert search_result assert search_result["total_hits"] == 0 assert search_result["is_total_hits_accurate"] is True assert len(search_result["contents"]) == 0
def test__unit__get_notifiable_roles__ok__nominal_case(self): admin = self.session.query(User).filter( User.email == "*****@*****.**").one() wapi = WorkspaceApi(session=self.session, config=self.app_config, current_user=admin) workspace = wapi.create_workspace(label="workspace w", save_now=True) uapi = UserApi(session=self.session, current_user=admin, config=self.app_config) user_1 = uapi.create_user(email="[email protected]", auth_type=AuthType.INTERNAL, do_save=True, do_notify=False) user_2 = uapi.create_user(email="[email protected]", auth_type=AuthType.INTERNAL, do_save=True, do_notify=False) assert wapi.get_notifiable_roles(workspace=workspace) == [] rapi = RoleApi(session=self.session, current_user=admin, config=self.app_config) role_1 = rapi.create_one(user_1, workspace, UserRoleInWorkspace.READER, with_notif=True) role_2 = rapi.create_one(user_2, workspace, UserRoleInWorkspace.READER, with_notif=False) assert role_1 in wapi.get_notifiable_roles(workspace=workspace) assert role_2 not in wapi.get_notifiable_roles(workspace=workspace)
def test_unit__get_all_for_usages(self, admin_user, session, app_config, workspace_api_factory): rapi = RoleApi(current_user=admin_user, session=session, config=app_config) workspace = workspace_api_factory.get().create_workspace("workspace_1", save_now=True) roles = rapi.get_all_for_workspace(workspace) assert len(roles) == 1 assert roles[0].user_id == admin_user.user_id assert roles[0].role == WorkspaceRoles.WORKSPACE_MANAGER.level
def test_unit__get_known__user__distinct_workspaces_users_by_name__exclude_workspace_and_name( self ): admin = self.session.query(User).filter(User.email == "*****@*****.**").one() api = UserApi(current_user=None, session=self.session, config=self.app_config) u1 = api.create_user(email="email@email", name="name", do_notify=False, do_save=True) u2 = api.create_user(email="email2@email2", name="name2", do_notify=False, do_save=True) u3 = api.create_user( email="notfound@notfound", name="notfound", do_notify=False, do_save=True ) u4 = api.create_user(email="email3@email3", name="name3", do_notify=False, do_save=True) wapi = WorkspaceApi(current_user=admin, session=self.session, config=self.app_config) workspace = wapi.create_workspace("test workspace n°1", save_now=True) wapi = WorkspaceApi(current_user=admin, session=self.session, config=self.app_config) workspace_2 = wapi.create_workspace("test workspace n°2", save_now=True) role_api = RoleApi(current_user=admin, session=self.session, config=self.app_config) role_api.create_one(u1, workspace, UserRoleInWorkspace.READER, False) role_api.create_one(u2, workspace_2, UserRoleInWorkspace.READER, False) role_api.create_one(u4, workspace_2, UserRoleInWorkspace.READER, False) role_api.create_one(u3, workspace, UserRoleInWorkspace.READER, False) role_api.create_one(u3, workspace_2, UserRoleInWorkspace.READER, False) api2 = UserApi(current_user=u3, session=self.session, config=self.app_config) users = api2.get_known_user( "name", exclude_workspace_ids=[workspace.workspace_id], exclude_user_ids=[u4.user_id] ) assert len(users) == 1 assert users[0] == u2
def update_workspaces_members_role( self, context, request: TracimRequest, hapic_data=None ) -> UserRoleWorkspaceInContext: """ Update role of the given space member. This feature is for workspace managers, trusted users and administrators. """ app_config = request.registry.settings['CFG'] rapi = RoleApi( current_user=request.current_user, session=request.dbsession, config=app_config, ) role = rapi.get_one( user_id=hapic_data.path.user_id, workspace_id=hapic_data.path.workspace_id, ) workspace_role = WorkspaceRoles.get_role_from_slug(hapic_data.body.role) role = rapi.update_role( role, role_level=workspace_role.level ) return rapi.get_user_role_workspace_with_context(role)
def test_unit__get_known__user__distinct_workspaces_users_by_name__exclude_workspace(self): admin = self.session.query(models.User) \ .filter(models.User.email == '*****@*****.**') \ .one() api = UserApi( current_user=None, session=self.session, config=self.config, ) u1 = api.create_user( email='email@email', name='name', do_notify=False, do_save=True, ) u2 = api.create_user( email='email2@email2', name='name2', do_notify=False, do_save=True, ) u3 = api.create_user( email='notfound@notfound', name='notfound', do_notify=False, do_save=True, ) wapi = WorkspaceApi( current_user=admin, session=self.session, config=self.app_config, ) workspace = wapi.create_workspace( 'test workspace n°1', save_now=True) wapi = WorkspaceApi( current_user=admin, session=self.session, config=self.app_config, ) workspace_2 = wapi.create_workspace( 'test workspace n°2', save_now=True) role_api = RoleApi( current_user=admin, session=self.session, config=self.app_config, ) role_api.create_one(u1, workspace, UserRoleInWorkspace.READER, False) role_api.create_one(u2, workspace_2, UserRoleInWorkspace.READER, False) role_api.create_one(u3, workspace, UserRoleInWorkspace.READER, False) role_api.create_one(u3, workspace_2, UserRoleInWorkspace.READER, False) api2 = UserApi( current_user=u3, session=self.session, config=self.config, ) users = api2.get_known_user('name', exclude_workspace_ids=[workspace.workspace_id]) assert len(users) == 1 assert users[0] == u2
def test_get_notifiable_roles(self): admin = self.session.query(User) \ .filter(User.email == '*****@*****.**').one() wapi = WorkspaceApi( session=self.session, config=self.app_config, current_user=admin, ) w = wapi.create_workspace(label='workspace w', save_now=True) uapi = UserApi(session=self.session, current_user=admin, config=self.app_config) u = uapi.create_minimal_user(email='[email protected]', save_now=True) eq_([], wapi.get_notifiable_roles(workspace=w)) rapi = RoleApi( session=self.session, current_user=admin, config=self.app_config, ) r = rapi.create_one(u, w, UserRoleInWorkspace.READER, with_notif=True) eq_([ r, ], wapi.get_notifiable_roles(workspace=w)) u.is_active = False eq_([], wapi.get_notifiable_roles(workspace=w))
def enable_workspace_notification(self, context, request: TracimRequest, hapic_data=None): # nopep8 """ enable workspace notification """ app_config = request.registry.settings['CFG'] api = ContentApi( current_user=request.candidate_user, # User session=request.dbsession, config=app_config, ) wapi = WorkspaceApi( current_user=request.candidate_user, # User session=request.dbsession, config=app_config, ) workspace = wapi.get_one(hapic_data.path.workspace_id) wapi.enable_notifications(request.candidate_user, workspace) rapi = RoleApi( current_user=request.candidate_user, # User session=request.dbsession, config=app_config, ) role = rapi.get_one(request.candidate_user.user_id, workspace.workspace_id) wapi.save(workspace) return
def test_unit__get_one__ok__nominal_case(self): admin = self.session.query(User).filter( User.email == "*****@*****.**").one() rapi = RoleApi(current_user=admin, session=self.session, config=self.app_config) rapi.get_one(admin.user_id, 1)
def add_current_user_as_member(self, workspace_id: int) -> Workspace: """ Adds the current user as a member of the given workspace id. Only works for OPEN workspaces. Role is set to the workspace default role. """ query = self._base_query_without_roles().filter( Workspace.workspace_id == workspace_id) query = query.filter(Workspace.access_type == WorkspaceAccessType.OPEN) try: workspace = query.one() except NoResultFound as exc: raise WorkspaceNotFound( "workspace {} does not exist or not visible for user".format( workspace_id)) from exc rapi = RoleApi( current_user=self._user, session=self._session, config=self._config, ) rapi.create_one(self._user, workspace, workspace.default_user_role.level, with_notif=True) return workspace
def get_all_for_user( self, user: User, include_owned: bool = True, include_with_role: bool = True, parents_ids: typing.Optional[typing.List[int]] = None, ) -> typing.List[Workspace]: """ Get all workspaces of user :param user: just an user :param include_owned: include workspace where user is owner :param include_with_role: include workspace where user has a role :return: list of workspaces found """ query = self._base_query() workspace_ids = [] rapi = RoleApi(session=self._session, current_user=self._user, config=self._config) if include_with_role: workspace_ids.extend( rapi.get_user_workspaces_ids( user_id=user.user_id, min_role=UserRoleInWorkspace.READER)) if include_owned: owned_workspaces = self._get_workspaces_owned_by_user(user.user_id) workspace_ids.extend( [workspace.workspace_id for workspace in owned_workspaces]) query = self._parent_id_filter(query, parent_ids=parents_ids) query = query.filter(Workspace.workspace_id.in_(workspace_ids)) query = query.order_by(Workspace.label) return query.all()
def enable_account_workspace_notification(self, context, request: TracimRequest, hapic_data=None): # nopep8 """ enable workspace notification """ app_config = request.registry.settings['CFG'] api = ContentApi( current_user=request.current_user, # User session=request.dbsession, config=app_config, ) wapi = WorkspaceApi( current_user=request.current_user, # User session=request.dbsession, config=app_config, ) workspace = wapi.get_one(hapic_data.path.workspace_id) wapi.enable_notifications(request.current_user, workspace) rapi = RoleApi( current_user=request.current_user, # User session=request.dbsession, config=app_config, ) role = rapi.get_one(request.current_user.user_id, workspace.workspace_id) # nopep8 wapi.save(workspace) return
def test_api___simple_search_ok__by_comment_content( self, created_content_name, search_string, nb_content_result, first_search_result_content_name, first_created_comment_content, second_created_comment_content, ) -> None: dbsession = get_tm_session(self.session_factory, transaction.manager) admin = dbsession.query(User).filter(User.email == "*****@*****.**").one() uapi = UserApi(current_user=admin, session=dbsession, config=self.app_config) gapi = GroupApi(current_user=admin, session=dbsession, config=self.app_config) groups = [gapi.get_one_with_name("trusted-users")] user = uapi.create_user( "*****@*****.**", password="******", do_save=True, do_notify=False, groups=groups, ) workspace_api = WorkspaceApi( current_user=admin, session=dbsession, config=self.app_config, show_deleted=True ) workspace = workspace_api.create_workspace("test", save_now=True) rapi = RoleApi(current_user=admin, session=dbsession, config=self.app_config) rapi.create_one(user, workspace, UserRoleInWorkspace.WORKSPACE_MANAGER, False) api = ContentApi(session=dbsession, current_user=user, config=self.app_config) content = api.create( content_type_slug="html-document", workspace=workspace, label=created_content_name, do_save=True, ) api.create_comment( workspace=workspace, parent=content, content=first_created_comment_content, do_save=True ) api.create_comment( workspace=workspace, parent=content, content=second_created_comment_content, do_save=True, ) api.create( content_type_slug="html-document", workspace=workspace, label="report", do_save=True ) api.create( content_type_slug="thread", workspace=workspace, label="discussion", do_save=True ) transaction.commit() self.testapp.authorization = ("Basic", ("*****@*****.**", "*****@*****.**")) params = {"search_string": search_string} res = self.testapp.get("/api/v2/search/content".format(), status=200, params=params) search_result = res.json_body assert search_result assert search_result["total_hits"] == nb_content_result assert search_result["is_total_hits_accurate"] is False assert search_result["contents"][0]["label"] == first_search_result_content_name
def __init__(self, current_user: Optional[User], session: TracimSession, config: CFG,) -> None: session.assert_event_mechanism() self._session = session self._user = current_user self._config = config self._role_lib = RoleApi( session=self._session, config=self._config, current_user=self._user )
def on_user_role_in_workspace_deleted(self, role: UserRoleInWorkspace, context: TracimContext) -> None: wapi = WorkspaceApi(context.dbsession, None, context.app_config) rapi = RoleApi(context.dbsession, None, context.app_config) for workspace in wapi.get_all_for_user(role.user): rapi.delete_one(role.user.user_id, workspace.workspace_id, flush=False)
def _get_user_workspaces_id(self, min_role: int) -> typing.Optional[typing.List[int]]: """ Get user workspace list or None if no user set """ if self._user: rapi = RoleApi(config=self._config, session=self._session, current_user=self._user) return rapi.get_user_workspaces_ids(self._user.user_id, min_role) return None
def test_unit__get_one__err__role_does_not_exist(self): admin = self.session.query(User).filter( User.email == "*****@*****.**").one() rapi = RoleApi(current_user=admin, session=self.session, config=self.app_config) with pytest.raises(UserRoleNotFound): rapi.get_one(admin.user_id, 100) # workspace 100 does not exist
def test_api__elasticsearch_search__ok__in_file_ingest_search(self): dbsession = get_tm_session(self.session_factory, transaction.manager) admin = dbsession.query(User).filter( User.email == "*****@*****.**").one() uapi = UserApi(current_user=admin, session=dbsession, config=self.app_config) gapi = GroupApi(current_user=admin, session=dbsession, config=self.app_config) groups = [gapi.get_one_with_name("trusted-users")] user = uapi.create_user( "*****@*****.**", password="******", do_save=True, do_notify=False, groups=groups, ) workspace_api = WorkspaceApi(current_user=admin, session=dbsession, config=self.app_config, show_deleted=True) workspace = workspace_api.create_workspace("test", save_now=True) rapi = RoleApi(current_user=admin, session=dbsession, config=self.app_config) rapi.create_one(user, workspace, UserRoleInWorkspace.WORKSPACE_MANAGER, False) api = ContentApi(session=dbsession, current_user=user, config=self.app_config) with self.session.no_autoflush: text_file = api.create( content_type_slug=content_type_list.File.slug, workspace=workspace, label="important", do_save=False, ) api.update_file_data(text_file, "test_file", "text/plain", b"we need to find stringtosearch here !") api.save(text_file) api.execute_created_content_actions(text_file) content_id = text_file.content_id transaction.commit() self.refresh_elasticsearch() params = {"search_string": "stringtosearch"} self.testapp.authorization = ("Basic", ("*****@*****.**", "*****@*****.**")) res = self.testapp.get("/api/v2/search/content".format(), status=200, params=params) search_result = res.json_body assert search_result assert search_result["total_hits"] == 1 assert search_result["is_total_hits_accurate"] is True assert len(search_result["contents"]) == 1 assert search_result["contents"][0]["content_id"] == content_id
def test_unit__get_one__ok__nominal_case(self): admin = self.session.query(User)\ .filter(User.email == '*****@*****.**').one() rapi = RoleApi( current_user=admin, session=self.session, config=self.app_config, ) rapi.get_one(admin.user_id, 1)
def test_unit__get_one__err__role_does_not_exist(self): admin = self.session.query(User)\ .filter(User.email == '*****@*****.**').one() rapi = RoleApi( current_user=admin, session=self.session, config=self.app_config, ) with pytest.raises(UserRoleNotFound): rapi.get_one(admin.user_id, 100) # workspace 100 does not exist
def test_unit__get_known__user__distinct_workspaces_users_by_name__exclude_workspace(self): admin = self.session.query(User) \ .filter(User.email == '*****@*****.**') \ .one() api = UserApi( current_user=None, session=self.session, config=self.app_config, ) u1 = api.create_user( email='email@email', name='name', do_notify=False, do_save=True, ) u2 = api.create_user( email='email2@email2', name='name2', do_notify=False, do_save=True, ) u3 = api.create_user( email='notfound@notfound', name='notfound', do_notify=False, do_save=True, ) wapi = WorkspaceApi( current_user=admin, session=self.session, config=self.app_config, ) workspace = wapi.create_workspace( 'test workspace n°1', save_now=True) wapi = WorkspaceApi( current_user=admin, session=self.session, config=self.app_config, ) workspace_2 = wapi.create_workspace( 'test workspace n°2', save_now=True) role_api = RoleApi( current_user=admin, session=self.session, config=self.app_config, ) role_api.create_one(u1, workspace, UserRoleInWorkspace.READER, False) role_api.create_one(u2, workspace_2, UserRoleInWorkspace.READER, False) role_api.create_one(u3, workspace, UserRoleInWorkspace.READER, False) role_api.create_one(u3, workspace_2, UserRoleInWorkspace.READER, False) api2 = UserApi( current_user=u3, session=self.session, config=self.app_config, ) users = api2.get_known_user('name', exclude_workspace_ids=[workspace.workspace_id]) assert len(users) == 1 assert users[0] == u2
def _get_workspace_subscription_event_receiver_ids(event: Event, session: TracimSession, config: CFG) -> Set[int]: user_api = UserApi(current_user=None, session=session, config=config) administrators = user_api.get_user_ids_from_profile(Profile.ADMIN) author = event.subscription["author"]["user_id"] role_api = RoleApi(current_user=None, session=session, config=config) workspace_managers = role_api.get_workspace_member_ids( event.workspace["workspace_id"], min_role=WorkspaceRoles.WORKSPACE_MANAGER) return set(administrators + workspace_managers + [author])
def test_unit__get_all_for_usages(self): admin = self.session.query(User).filter( User.email == "*****@*****.**").one() rapi = RoleApi(current_user=admin, session=self.session, config=self.app_config) workspace = self._create_workspace_and_test("workspace_1", admin) roles = rapi.get_all_for_workspace(workspace) len(roles) == 1 roles[0].user_id == admin.user_id roles[0].role == WorkspaceRoles.WORKSPACE_MANAGER.level
def test__unit__get_notifiable_roles__ok__do_not_show_inactive(self): admin = self.session.query(User) \ .filter(User.email == '*****@*****.**').one() wapi = WorkspaceApi( session=self.session, config=self.app_config, current_user=admin, ) workspace = wapi.create_workspace(label='workspace w', save_now=True) uapi = UserApi( session=self.session, current_user=admin, config=self.app_config ) user_1 = uapi.create_user( email='[email protected]', auth_type=AuthType.INTERNAL, do_save=True, do_notify=False ) user_2 = uapi.create_user( email='[email protected]', auth_type=AuthType.INTERNAL, do_save=True, do_notify = False ) assert wapi.get_notifiable_roles(workspace=workspace) == [] rapi = RoleApi( session=self.session, current_user=admin, config=self.app_config, ) role_1 = rapi.create_one( user_1, workspace, UserRoleInWorkspace.READER, with_notif=True ) role_2 = rapi.create_one( user_2, workspace, UserRoleInWorkspace.READER, with_notif=True ) assert role_1 in wapi.get_notifiable_roles(workspace=workspace) assert role_2 in wapi.get_notifiable_roles(workspace=workspace) user_1.is_active = False assert not role_1 in wapi.get_notifiable_roles(workspace=workspace) assert role_2 in wapi.get_notifiable_roles(workspace=workspace)
def create_workspace( self, label: str = "", description: str = "", agenda_enabled: bool = True, public_download_enabled: bool = True, public_upload_enabled: bool = True, access_type: WorkspaceAccessType = WorkspaceAccessType.CONFIDENTIAL, default_user_role: WorkspaceRoles = WorkspaceRoles.READER, parent: Workspace = None, save_now: bool = False, ) -> Workspace: if not self._user or not self._user_allowed_to_create_new_workspaces( self._user): raise UserNotAllowedToCreateMoreWorkspace( "User not allowed to create more workspace") if not label: raise EmptyLabelNotAllowed("Workspace label cannot be empty") if access_type not in self._config.WORKSPACE__ALLOWED_ACCESS_TYPES: raise DisallowedWorkspaceAccessType( 'Access type "{}" is not allowed for this workspace'.format( access_type.name)) workspace = Workspace() workspace.label = label workspace.description = description workspace.agenda_enabled = agenda_enabled workspace.public_download_enabled = public_download_enabled workspace.public_upload_enabled = public_upload_enabled workspace.created = datetime.utcnow() workspace.updated = datetime.utcnow() workspace.owner = self._user workspace.access_type = access_type workspace.default_user_role = default_user_role workspace.parent = parent # By default, we force the current user to be the workspace manager # And to receive email notifications role_api = RoleApi(session=self._session, current_user=self._user, config=self._config) with self._session.no_autoflush: role = role_api.create_one( self._user, workspace, UserRoleInWorkspace.WORKSPACE_MANAGER, with_notif=True, flush=False, ) self._session.add(workspace) self._session.add(role) if save_now: self._session.flush() return workspace
def test_unit__create_one__nominal_case( self, admin_user, session, app_config, workspace_api_factory ): workspace = workspace_api_factory.get().create_workspace("workspace_1", save_now=True) bob = session.query(User).filter(User.email == "*****@*****.**").one() rapi = RoleApi(current_user=admin_user, session=session, config=app_config) created_role = rapi.create_one( user=bob, workspace=workspace, role_level=WorkspaceRoles.CONTENT_MANAGER.level, with_notif=False, ) obtain_role = rapi.get_one(bob.user_id, workspace.workspace_id) assert created_role == obtain_role
def get_receiver_ids( cls, event: Event, session: TracimSession, config: CFG ) -> typing.Iterable[int]: recipient = event.fields[cls.MENTION_FIELD]["recipient"] if recipient in ALL__GROUP_MENTIONS: # send to all workspace users role_api = RoleApi(session=session, config=config, current_user=None) workspace_id = event.workspace["workspace_id"] return role_api.get_workspace_member_ids(workspace_id) else: # send to mentioned user user_api = UserApi(session=session, config=config, current_user=None) user = user_api.get_one_by_username(recipient) return [user.user_id]
def get_user_orphan_workspaces(self, user: User): """Get all user workspaces where the users is not member of the parent and parent exists""" query = self._base_query() workspace_ids = [] rapi = RoleApi(session=self._session, current_user=self._user, config=self._config) workspace_ids.extend( rapi.get_user_workspaces_ids(user_id=user.user_id, min_role=UserRoleInWorkspace.READER)) query = query.filter(Workspace.workspace_id.in_(workspace_ids)) query = query.filter(Workspace.parent_id.isnot(None)) query = query.filter(Workspace.parent_id.notin_(workspace_ids)) return self.default_order_workspace(query).all()
def workspaces_member_role(self, context, request: TracimRequest, hapic_data=None) -> UserRoleWorkspaceInContext: """ Returns given space member with its role, avatar, etc. """ app_config = request.registry.settings["CFG"] # type: CFG rapi = RoleApi(current_user=request.current_user, session=request.dbsession, config=app_config) role = rapi.get_one(user_id=hapic_data.path.user_id, workspace_id=hapic_data.path.workspace_id) return rapi.get_user_role_workspace_with_context(role)
def test__unit__get_notifiable_roles__ok__do_not_show_unknown_auth(self): admin = self.session.query(User) \ .filter(User.email == '*****@*****.**').one() wapi = WorkspaceApi( session=self.session, config=self.app_config, current_user=admin, ) workspace = wapi.create_workspace(label='workspace w', save_now=True) uapi = UserApi(session=self.session, current_user=admin, config=self.app_config) user_1 = uapi.create_user(email='[email protected]', auth_type=AuthType.INTERNAL, do_save=True, do_notify=False) user_2 = uapi.create_user(email='[email protected]', auth_type=AuthType.UNKNOWN, do_save=True, do_notify=False) user_3 = uapi.create_user(email='[email protected]', auth_type=AuthType.REMOTE, do_save=True, do_notify=False) assert wapi.get_notifiable_roles(workspace=workspace) == [] rapi = RoleApi( session=self.session, current_user=admin, config=self.app_config, ) role_1 = rapi.create_one(user_1, workspace, UserRoleInWorkspace.READER, with_notif=True) role_2 = rapi.create_one(user_2, workspace, UserRoleInWorkspace.READER, with_notif=True) role_3 = rapi.create_one(user_3, workspace, UserRoleInWorkspace.READER, with_notif=True) assert role_1 in wapi.get_notifiable_roles(workspace=workspace) assert not role_2 in wapi.get_notifiable_roles(workspace=workspace) assert role_3 in wapi.get_notifiable_roles(workspace=workspace)
def test_proxy_workspace_agenda__ok__nominal_case(self) -> None: dbsession = get_tm_session(self.session_factory, transaction.manager) admin = dbsession.query(User).filter( User.email == "*****@*****.**").one() uapi = UserApi(current_user=admin, session=dbsession, config=self.app_config) gapi = GroupApi(current_user=admin, session=dbsession, config=self.app_config) groups = [gapi.get_one_with_name("users")] user = uapi.create_user( "*****@*****.**", password="******", do_save=True, do_notify=False, groups=groups, ) workspace_api = WorkspaceApi(current_user=admin, session=dbsession, config=self.app_config, show_deleted=True) workspace = workspace_api.create_workspace("test", save_now=True) workspace.agenda_enabled = True rapi = RoleApi(current_user=admin, session=dbsession, config=self.app_config) rapi.create_one(user, workspace, UserRoleInWorkspace.CONTENT_MANAGER, False) transaction.commit() self.testapp.authorization = ("Basic", ("*****@*****.**", "*****@*****.**")) self.testapp.get("/agenda/workspace/{}/".format( workspace.workspace_id), status=404) event = VALID_CALDAV_BODY_PUT_EVENT self.testapp.put( "/agenda/workspace/{}/".format(workspace.workspace_id), event, content_type="text/agenda", status=201, ) self.testapp.get("/agenda/workspace/{}/".format( workspace.workspace_id), status=200) self.testapp.delete("/agenda/workspace/{}/".format( workspace.workspace_id), status=200)
def test_unit__get_all_for_usages(self): admin = self.session.query(User)\ .filter(User.email == '*****@*****.**').one() rapi = RoleApi( current_user=admin, session=self.session, config=self.app_config, ) workspace = self._create_workspace_and_test( 'workspace_1', admin ) roles = rapi.get_all_for_workspace(workspace) len(roles) == 1 roles[0].user_id == admin.user_id roles[0].role == WorkspaceRoles.WORKSPACE_MANAGER.level
def on_user_role_in_workspace_deleted( self, role: UserRoleInWorkspace, context: TracimContext ) -> None: """ Remove the user from all child spaces """ user = role.user parent_workspace = role.workspace rapi = RoleApi(session=context.dbsession, config=context.app_config, current_user=None) for workspace in parent_workspace.recursive_children: try: rapi.delete_one( user_id=user.user_id, workspace_id=workspace.workspace_id, flush=False, ) except UserRoleNotFound: pass
def delete_workspaces_members_role(self, context, request: TracimRequest, hapic_data=None) -> None: """ Remove the user from the space. This feature is for workspace managers and administrators. """ app_config = request.registry.settings["CFG"] # type: CFG rapi = RoleApi(current_user=request.current_user, session=request.dbsession, config=app_config) rapi.delete_one(user_id=hapic_data.path.user_id, workspace_id=hapic_data.path.workspace_id) return
def create_workspace( self, label: str='', description: str='', calendar_enabled: bool=False, save_now: bool=False, ) -> Workspace: if not label: raise EmptyLabelNotAllowed('Workspace label cannot be empty') if self._session.query(Workspace).filter(Workspace.label == label).count() > 0: # nopep8 raise WorkspaceLabelAlreadyUsed( 'A workspace with label {} already exist.'.format(label) ) workspace = Workspace() workspace.label = label workspace.description = description workspace.calendar_enabled = calendar_enabled # By default, we force the current user to be the workspace manager # And to receive email notifications role_api = RoleApi( session=self._session, current_user=self._user, config=self._config ) role = role_api.create_one( self._user, workspace, UserRoleInWorkspace.WORKSPACE_MANAGER, with_notif=True, ) self._session.add(workspace) self._session.add(role) if save_now: self._session.flush() # TODO - G.M - 28-03-2018 - [Calendar] Reenable calendar stuff # if calendar_enabled: # self._ensure_calendar_exist(workspace) # else: # self._disable_calendar(workspace) return workspace
def test_unit__create_one__nominal_case(self): admin = self.session.query(User).filter( User.email == "*****@*****.**").one() workspace = self._create_workspace_and_test("workspace_1", admin) bob = self.session.query(User).filter( User.email == "*****@*****.**").one() rapi = RoleApi(current_user=admin, session=self.session, config=self.app_config) created_role = rapi.create_one( user=bob, workspace=workspace, role_level=WorkspaceRoles.CONTENT_MANAGER.level, with_notif=False, ) obtain_role = rapi.get_one(bob.user_id, workspace.workspace_id) assert created_role == obtain_role
def _get_members_and_administrators_ids(event: Event, session: TracimSession, config: CFG) -> Set[int]: """ Return administrators + members of the event's workspace + user subject of the action if there is one """ user_api = UserApi(current_user=None, session=session, config=config) administrators = user_api.get_user_ids_from_profile(Profile.ADMIN) role_api = RoleApi(current_user=None, session=session, config=config) workspace_members = role_api.get_workspace_member_ids( event.workspace["workspace_id"]) receiver_ids = set(administrators + workspace_members) try: receiver_ids.add(event.user["user_id"]) except AttributeError: # no user in event pass return receiver_ids
def workspaces_members( self, context, request: TracimRequest, hapic_data=None ) -> typing.List[UserRoleWorkspaceInContext]: """ Returns the list of space members with their role, avatar, etc. """ app_config = request.registry.settings['CFG'] rapi = RoleApi( current_user=request.current_user, session=request.dbsession, config=app_config, ) roles = rapi.get_all_for_workspace(request.current_workspace) return [ rapi.get_user_role_workspace_with_context(user_role) for user_role in roles ]
def workspaces_member_role( self, context, request: TracimRequest, hapic_data=None ) -> UserRoleWorkspaceInContext: """ Returns given space member with its role, avatar, etc. """ app_config = request.registry.settings['CFG'] rapi = RoleApi( current_user=request.current_user, session=request.dbsession, config=app_config, ) role = rapi.get_one( user_id=hapic_data.path.user_id, workspace_id=hapic_data.path.workspace_id, ) return rapi.get_user_role_workspace_with_context(role)
def delete_workspaces_members_role( self, context, request: TracimRequest, hapic_data=None ) -> None: """ Remove the user from the space. This feature is for workspace managers and administrators. """ app_config = request.registry.settings['CFG'] rapi = RoleApi( current_user=request.current_user, session=request.dbsession, config=app_config, ) rapi.delete_one( user_id=hapic_data.path.user_id, workspace_id=hapic_data.path.workspace_id, ) return
def test_unit__create_one__nominal_case(self): admin = self.session.query(User)\ .filter(User.email == '*****@*****.**').one() workspace = self._create_workspace_and_test( 'workspace_1', admin ) bob = self.session.query(User)\ .filter(User.email == '*****@*****.**').one() rapi = RoleApi( current_user=admin, session=self.session, config=self.app_config, ) created_role = rapi.create_one( user=bob, workspace=workspace, role_level=WorkspaceRoles.CONTENT_MANAGER.level, with_notif=False, ) obtain_role = rapi.get_one(bob.user_id, workspace.workspace_id) assert created_role == obtain_role
def insert(self): admin = self._session.query(User) \ .filter(User.email == '*****@*****.**') \ .one() bob = self._session.query(User) \ .filter(User.email == '*****@*****.**') \ .one() john_the_reader = self._session.query(User) \ .filter(User.email == '*****@*****.**') \ .one() admin_workspace_api = WorkspaceApi( current_user=admin, session=self._session, config=self._config, ) bob_workspace_api = WorkspaceApi( current_user=bob, session=self._session, config=self._config ) content_api = ContentApi( current_user=admin, session=self._session, config=self._config ) bob_content_api = ContentApi( current_user=bob, session=self._session, config=self._config ) reader_content_api = ContentApi( current_user=john_the_reader, session=self._session, config=self._config ) role_api = RoleApi( current_user=admin, session=self._session, config=self._config, ) # Workspaces business_workspace = admin_workspace_api.create_workspace( 'Business', description='All importants documents', save_now=True, ) recipe_workspace = admin_workspace_api.create_workspace( 'Recipes', description='Our best recipes', save_now=True, ) other_workspace = bob_workspace_api.create_workspace( 'Others', description='Other Workspace', save_now=True, ) # Workspaces roles role_api.create_one( user=bob, workspace=recipe_workspace, role_level=UserRoleInWorkspace.CONTENT_MANAGER, with_notif=False, ) role_api.create_one( user=john_the_reader, workspace=recipe_workspace, role_level=UserRoleInWorkspace.READER, with_notif=False, ) # Folders tool_workspace = content_api.create( content_type_slug=content_type_list.Folder.slug, workspace=business_workspace, label='Tools', do_save=True, do_notify=False, ) menu_workspace = content_api.create( content_type_slug=content_type_list.Folder.slug, workspace=business_workspace, label='Menus', do_save=True, do_notify=False, ) dessert_folder = content_api.create( content_type_slug=content_type_list.Folder.slug, workspace=recipe_workspace, label='Desserts', do_save=True, do_notify=False, ) salads_folder = content_api.create( content_type_slug=content_type_list.Folder.slug, workspace=recipe_workspace, label='Salads', do_save=True, do_notify=False, ) other_folder = content_api.create( content_type_slug=content_type_list.Folder.slug, workspace=other_workspace, label='Infos', do_save=True, do_notify=False, ) # Pages, threads, .. tiramisu_page = content_api.create( content_type_slug=content_type_list.Page.slug, workspace=recipe_workspace, parent=dessert_folder, label='Tiramisu Recipes!!!', do_save=True, do_notify=False, ) with new_revision( session=self._session, tm=transaction.manager, content=tiramisu_page, ): content_api.update_content( item=tiramisu_page, new_content='<p>To cook a greet Tiramisu, you need many ingredients.</p>', # nopep8 new_label='Tiramisu Recipes!!!', ) content_api.save(tiramisu_page) best_cake_thread = content_api.create( content_type_slug=content_type_list.Thread.slug, workspace=recipe_workspace, parent=dessert_folder, label='Best Cake', do_save=False, do_notify=False, ) best_cake_thread.description = 'Which is the best cake?' self._session.add(best_cake_thread) apple_pie_recipe = content_api.create( content_type_slug=content_type_list.File.slug, workspace=recipe_workspace, parent=dessert_folder, label='Apple_Pie', do_save=False, do_notify=False, ) apple_pie_recipe.file_extension = '.txt' apple_pie_recipe.depot_file = FileIntent( b'Apple pie Recipe', 'apple_Pie.txt', 'text/plain', ) self._session.add(apple_pie_recipe) Brownie_recipe = content_api.create( content_type_slug=content_type_list.File.slug, workspace=recipe_workspace, parent=dessert_folder, label='Brownie Recipe', do_save=False, do_notify=False, ) Brownie_recipe.file_extension = '.html' Brownie_recipe.depot_file = FileIntent( b'<p>Brownie Recipe</p>', 'brownie_recipe.html', 'text/html', ) self._session.add(Brownie_recipe) fruits_desserts_folder = content_api.create( content_type_slug=content_type_list.Folder.slug, workspace=recipe_workspace, label='Fruits Desserts', parent=dessert_folder, do_save=True, ) menu_page = content_api.create( content_type_slug=content_type_list.Page.slug, workspace=business_workspace, parent=menu_workspace, label='Current Menu', do_save=True, ) new_fruit_salad = content_api.create( content_type_slug=content_type_list.Page.slug, workspace=recipe_workspace, parent=fruits_desserts_folder, label='New Fruit Salad', do_save=True, ) old_fruit_salad = content_api.create( content_type_slug=content_type_list.Page.slug, workspace=recipe_workspace, parent=fruits_desserts_folder, label='Fruit Salad', do_save=True, do_notify=False, ) with new_revision( session=self._session, tm=transaction.manager, content=old_fruit_salad, ): content_api.archive(old_fruit_salad) content_api.save(old_fruit_salad) bad_fruit_salad = content_api.create( content_type_slug=content_type_list.Page.slug, workspace=recipe_workspace, parent=fruits_desserts_folder, label='Bad Fruit Salad', do_save=True, do_notify=False, ) with new_revision( session=self._session, tm=transaction.manager, content=bad_fruit_salad, ): content_api.delete(bad_fruit_salad) content_api.save(bad_fruit_salad) # File at the root for test new_fruit_salad = content_api.create( content_type_slug=content_type_list.Page.slug, workspace=other_workspace, label='New Fruit Salad', do_save=True, ) old_fruit_salad = content_api.create( content_type_slug=content_type_list.Page.slug, workspace=other_workspace, label='Fruit Salad', do_save=True, ) with new_revision( session=self._session, tm=transaction.manager, content=old_fruit_salad, ): content_api.archive(old_fruit_salad) content_api.save(old_fruit_salad) bad_fruit_salad = content_api.create( content_type_slug=content_type_list.Page.slug, workspace=other_workspace, label='Bad Fruit Salad', do_save=True, ) with new_revision( session=self._session, tm=transaction.manager, content=bad_fruit_salad, ): content_api.delete(bad_fruit_salad) content_api.save(bad_fruit_salad) content_api.create_comment( parent=best_cake_thread, content='<p>What is for you the best cake ever? </br> I personnally vote for Chocolate cupcake!</p>', # nopep8 do_save=True, ) bob_content_api.create_comment( parent=best_cake_thread, content='<p>What about Apple Pie? There are Awesome!</p>', do_save=True, ) reader_content_api.create_comment( parent=best_cake_thread, content='<p>You are right, but Kouign-amann are clearly better.</p>', do_save=True, ) with new_revision( session=self._session, tm=transaction.manager, content=best_cake_thread, ): bob_content_api.update_content( item=best_cake_thread, new_content='What is the best cake?', new_label='Best Cakes?', ) bob_content_api.save(best_cake_thread) with new_revision( session=self._session, tm=transaction.manager, content=tiramisu_page, ): bob_content_api.update_content( item=tiramisu_page, new_content='<p>To cook a great Tiramisu, you need many ingredients.</p>', # nopep8 new_label='Tiramisu Recipe', ) bob_content_api.save(tiramisu_page) self._session.flush()
def create_workspaces_members_role( self, context, request: TracimRequest, hapic_data=None ) -> UserRoleWorkspaceInContext: """ Add a member to this workspace. This feature is for workspace managers and administrators. """ newly_created = False email_sent = False app_config = request.registry.settings['CFG'] # type: CFG rapi = RoleApi( current_user=request.current_user, session=request.dbsession, config=app_config, ) uapi = UserApi( current_user=request.current_user, session=request.dbsession, config=app_config, show_deactivated=True, show_deleted=True, ) try: _, user = uapi.find( user_id=hapic_data.body.user_id, email=hapic_data.body.user_email, public_name=hapic_data.body.user_public_name ) if user.is_deleted: raise UserIsDeleted('This user has been deleted. Unable to invite him.') # nopep8 if not user.is_active: raise UserIsNotActive('This user is not activated. Unable to invite him') # nopep8 except UserDoesNotExist as exc: if not uapi.allowed_to_invite_new_user(hapic_data.body.user_email): raise exc if app_config.NEW_USER_INVITATION_DO_NOTIFY: user = uapi.create_user( auth_type=AuthType.UNKNOWN, email=hapic_data.body.user_email, password=password_generator(), do_notify=True ) if app_config.EMAIL_NOTIFICATION_ACTIVATED and \ app_config.NEW_USER_INVITATION_DO_NOTIFY and \ app_config.EMAIL_NOTIFICATION_PROCESSING_MODE.lower() == 'sync': email_sent = True else: user = uapi.create_user( auth_type=AuthType.UNKNOWN, email=hapic_data.body.user_email, password=None, do_notify=False ) newly_created = True role = rapi.create_one( user=user, workspace=request.current_workspace, role_level=WorkspaceRoles.get_role_from_slug(hapic_data.body.role).level, # nopep8 with_notif=app_config.EMAIl_NOTIFICATION_ENABLED_ON_INVITATION, flush=True, ) return rapi.get_user_role_workspace_with_context( role, newly_created=newly_created, email_sent=email_sent, )
def test_unit__get_all_manageable(self): admin = self.session.query(User) \ .filter(User.email == '*****@*****.**').one() uapi = UserApi( session=self.session, current_user=admin, config=self.app_config, ) # Checks a case without workspaces. wapi = WorkspaceApi( session=self.session, current_user=admin, config=self.app_config, ) eq_([], wapi.get_all_manageable()) # Checks an admin gets all workspaces. w4 = wapi.create_workspace(label='w4') w3 = wapi.create_workspace(label='w3') w2 = wapi.create_workspace(label='w2') w1 = wapi.create_workspace(label='w1') eq_([w1, w2, w3, w4], wapi.get_all_manageable()) # Checks a regular user gets none workspace. gapi = GroupApi( session=self.session, current_user=None, config=self.app_config, ) u = uapi.create_minimal_user('[email protected]', [gapi.get_one(Group.TIM_USER)], True) wapi = WorkspaceApi( session=self.session, current_user=u, config=self.app_config, ) rapi = RoleApi( session=self.session, current_user=None, config=self.app_config, ) rapi.create_one(u, w4, UserRoleInWorkspace.READER, False) rapi.create_one(u, w3, UserRoleInWorkspace.CONTRIBUTOR, False) rapi.create_one(u, w2, UserRoleInWorkspace.CONTENT_MANAGER, False) rapi.create_one(u, w1, UserRoleInWorkspace.WORKSPACE_MANAGER, False) eq_([], wapi.get_all_manageable()) # Checks a manager gets only its own workspaces. u.groups.append(gapi.get_one(Group.TIM_MANAGER)) rapi.delete_one(u.user_id, w2.workspace_id) rapi.create_one(u, w2, UserRoleInWorkspace.WORKSPACE_MANAGER, False) eq_([w1, w2], wapi.get_all_manageable())